ASIS CPP - Crisis Management Flashcards
1
Q
History of Emergency Management in the US
When was FEMA established with the consolidation of most federal emergency agencies and programs?
A
1979
2
Q
History of Emergency Management in the US
With the created of what agency, FEMA initially became the Emergency Preparedness and Response Directorate
A
Department of Homeland Security (DHS)
3
Q
History of Emergency Management in the US
Three primary objectives of FEMA
A
- Minimize the probability of a threat or emergency
- Mitigate the impact if the event occurs
- Recover and resume normal operations
4
Q
History of Emergency Management in the US
Two key elements necessary to achieve objectives
A
- What is to be done?
- Who is to do it?
5
Q
History of Emergency Management in the US
Effective emergency management programs
A
- Prepare an enterprise for business interruptions
- Ensure proper flow of critical information in an emergency
6
Q
History of Emergency Management in the US
Planning is essential to…?
A
- Ensure recovery from business interruptions
- Protect the profitability of the enterprise
7
Q
Crisis Management - In General
The elements of a 4-pronged approach to emergency management?
A
- Mitigation
- Preparedness
- Response
- Recovery
8
Q
Crisis Management - In General
Lasting, often the permanent reduction of exposure to, the probability of, or potential loss from hazards
A
Mitigation
9
Q
Crisis Management - In General
Actions taken before an event to plan, organize, equip, train, and exercise in order to deal with emergencies that cannot be avoided or entirely mitigated
A
Preparedness
10
Q
Crisis Management - In General
Activities that address the short-term, direct effects of an incident
A
Response
11
Q
Crisis Management - In General
Near-term and long-term actions taken to return the organization to a pre-emergency level of operation or, in some cases, to a new level of operation
A
Recovery
12
Q
Crisis Management - In General
Three major categories of emergencies…
A
Natural
Human (internal or external)
Accidental
13
Q
Crisis Management - In General
An effective tool for determining the probability of a threat or a disaster, and its impact on an organization, is to conduct a risk analysis in the development stage of the emergency plan
A
Risk Analysis
14
Q
Crisis Management - Terminology
A private-sector version of emergency management with actions, such as a BIA, not applicable to communities
Encompasses actions were taken before, during, or after an emergency to minimize the impact on operations and effect a timely response, resumption of business, and recovery
A
Business Continuity (BC)
15
Q
Crisis Management - Terminology
Continuity of Operations (COOP)
A
- A term normally applied specifically to the US government
- Different from BC; entails move of critical functions and personnel to an alternate site
16
Q
Crisis Management - Terminology
Organizational Resilience (OR)
A
The adaptive capacity of an organization in a complex and changing environment
The ability to resist being affected by an event or to return to an acceptable level of performance in an acceptable period of time after an event
17
Q
Crisis Management - Terminology
Business Impact Analysis (BIA)
A
- An integral part of the business BC process
- Identifies critical functions, assesses the impact of an emergency on those functions over time, determines other elements dependent on critical functions, helps develop and prioritize recovery strategies
- Maybe “hazard neutral” or may incorporate specific hazards
18
Q
Crisis Management - Standards
All Hazards
The all-hazards approach has been adopted by FEMA and can be used in business and organizational plans as well as community plans; this approach provides for a basic emergency plan, or emergency operations plan (EOP), with…
A
- Functional annexes (such as emergency call lists) that apply to multiple emergency situations
- Threat-specific annexes (such as procedures for bomb incidents
- Alternative planning approaches two things…
(developing stand-alone plans for each relevant emergency or contingency
(Some combination of the preceding two approaches)
19
Q
Crisis Management - Standards
Was developed by DHS in March 2004
A
National Incident Management System (NIMS)
20
Q
Crisis Management - Standards
NIMS
Provides a systematic, proactive approach guiding government departments and agencies, the private sector, and nongovernmental organizations to work seamlessly to prepare for, prevent, respond to, recover from, and mitigate the effects of incidents, regardless of cause, size, location, or complexity, in order to reduce the loss of life, property and harm to the environment
A
21
Q
Crisis Management - Standards
Command and control mechanism used by many public safety agencies and jurisdictions in the US
A
Incident Command System (ICS)
22
Q
Crisis Management - Standards
ICS provides an expandable structure that can be used as needed to manage emergency agencies
A
23
Q
Crisis Management - Standards
ICS normally consists of five primary elements
A
- Command
- Operations
- Planning
- Logistics
- finance and administration
24
Q
Crisis Management - Standards
IC - Incident Commander
The IC is normally the…?
A
A senior member of the responding agency.
25
Crisis Management - Standards
For a one-agency response...
ICS is a single-incident command
26
Crisis Management - Standards
For a multiple-agency response,
ICS is a unified command
27
Emergency Planning
The logical beginning of emergency management is the development of a plan that...
- Defines "emergency" in terms relevant to the organization
- Establishes an organization to perform specific tasks before, during, and after an emergency
- Establishes a method for using available resources, and for obtaining additional resources at the time of an emergency
- Provides a means for moving normal operations into and back out of the emergency mode of operations
28
Emergency Planning
The purpose of an emergency plan is to...?
Highlight the types of problems that will be encountered and to require decision-makers to consider in advance how to react when an emergency develops
29
Emergency Planning
Who must be directly involved in the identification and evaluation of assets as part of the plan development?
Management
30
Emergency Planning: Principles
Evacuation & Shelter
Move all persons not needed in disaster operations to places of safety
31
Emergency Planning: Principles
Personal Protection
Ensure persons who must remain in a threatened area are well-protected
32
Emergency Planning: Principles
Rescue and Relief
Provide a ready means of support and assistance for injured persons
33
Emergency Planning: Principles
Guiding principles for preventing or minimizing injury
- Design safety: Eliminate conditions that increase the likelihood of injury given the nature of the emergency and the character of the organization or facility
- Training: Prepare responders to avoid increased exposure through ignorance or ineptitude
34
Emergency Planning: Contingency Planning
**Tactical planning** should also be part of contingency planning, in general
35
Emergency Planning: Contingency Planning
Logistical decisions made in advance will impact the success or failure of a good preparedness & response plan
36
Emergency Planning: Plan Management
The most important thing about planning:
It is a continuing process never finished as long as the plan exists
37
Emergency Planning: Plan Management
Even with planning, **it is necessary to improvise and remain flexible** when a disaster or other emergency strikes
38
Emergency Planning: Plan Management
**Mitigation strategies related to constructing or retrofitting facilities or otherwise reducing the impact of potential emergency events** should be addressed in a separate mitigation plan
39
Emergency Planning: Plan Management
What should be separate from the organization's security operations plan
Recovery and continuity of operations plan (Business Continuity)
40
Emergency Planning: Plan Management
How often should the plan be audited?
Annually
41
Emergency Planning: Plan Management
The plan should be evaluated and modified after
- Each training drill
- Each emergency
- Changes in personnel or their responsibilities
- Changes in the facility's physical design
- Changes in policies or procedures
42
Emergency Planning: Plan Format
Two significant considerations arise in choosing a planning format
1. Dissemination of the plan - All individuals and organizational elements with designed responsibilities under the plan
2. Maintenance of the plan - Reviewed and updated regularly
43
Emergency Planning: Legal Review
Incident response policies should be reviewed periodically by legal counsel to ensure they...
- Are legally defensible and enforceable
- Comply with overall company policies and procedures
- Reflect known industry best practices demonstrating the exercise of due care
- Conform to national, state, and local laws and regulations
- Protect staff from lawsuits
44
Emergency Planning: Plan Format
In addition, legal counsel should consider the following factors
- When to prosecute and what should be done to prosecute a person caught violating facility access rules
- What procedures will ensure the admissibility of evidence
- When to report an incident to local, state, or national law enforcement agencies
45
Emergency Management: Structure
One operating official should be designated as the emergency coordinator to assume responsibility for the plan and to...
ensure physical department boundaries do not impede a smooth emergency response
46
Emergency Management: Structure
A totally new organization should not be developed to handle emergencies
Such problems should be handled by the existing organization, temporarily reconfigured, and executives responsible for the day-to-day operation of the enterprise
47
Emergency Management
The organization should have a **Crisis Management Team** to lead incident/event response
48
Emergency Management
Some boards can function even if a disaster incapacitates so many members that a quorum is not possible
- The bylaws of such companies provide a means of returning the board to full strength
- One method is for board vacancies to be filled by the remaining board members
- Some states have passed special statutes to facilitate emergency planning by corporations
49
Emergency Coordination
A facility may create written support agreements with local or state LE agencies or MAAs with other local sites
50
Emergency Coordination
Organizations agree to assist each other with **materials, equipment, personnel for emergency response**
51
Emergency Coordination: Mutual Aid Association
Purpose:
Establish an emergency management org to minimize damage, ensure continued ops, restore ops.
52
Emergency Coordination
Government agencies often use **interagency support agreements or memoranda of understand (****MOUs****)**
53
Emergency Response: Categories
Immediate, on-site response (timely response)
Requires better detection and delay
54
Emergency Response: Categories
After-the-fact recovery
Requires use of investigative tools, including video surveillance footage
55
Emergency Response: Response Strategies
Containment
Denial
Assault
56
Emergency Response: Shut Down
The actual shutdown should be assigned to **people familiar with the process**
57
Emergency Response: Training
All businesses need to plan initial and refresher emergency training
58
Emergency Response: Training
Training and orientation must be reinforced and tested with periodic drills and exercises, which may include
- Tabletop exercises conducted in a conference room for members of the organization's crisis management team (CMT) or other management personnel
- Evacuation and shelter-in-place drills for all employees
- Walkthrough of an emergency plan or particular emergency response functions by selected organizational personnel
- A full exercise involving outside response agencies
59
Emergency Response: Training
Emergency tests and exercises are conducted for many reasons
1. Checking the workability of a plan or a part thereof
2. Determining the level of staff awareness and training
3. Evaluating the adequacy of emergency communications
4. Identifying shortcomings in evacuation procedures
60
Emergency Response: Training
**To validate an organization's emergency plan,** an unannounced test should be conducted with appropriate controls and safeguards in place
61
Emergency Response: Training
Focus
- Most likely situations of each site
- Location, construction, and size of each site
- Function of each site
62
Emergency Response: Release of Information
The emergency plan should provide for the orderly release of information, **preferably through a single source in the organization**
63
Emergency Response: Release of Information
It is best to avoid answering questions with the phrase "no comment"
64
Incident Response: Biological & Chemical Threats
Goal #1
Limit the distribution of the material
65
Incident Response: Biological & Chemical Threats
Goal #2
Look after any staff who have been exposed
66
Incident Response: Fire
Primary influences on smoke movement in low buildings:
**Heat, convective movement, and fire pressures**
67
Incident Response: Fire
Primary influences on smoke movement in high rises:
"Stack effect"
Influence of external wind forces
Forced air movement within the building
68
Incident Response: Fire
The vertical, natural air movement through the building caused by the differences in temperature and densities between the inside and outside air
Stack Effect
69
Incident Response: Fire
Two basic approaches to smoke control
1. The HVAC system can be shut down and the fire area isolated or compartmented
2. Fans can continue running, using the air duct system for emergency smoke control
- Automatic pressurization of stairwells is often utilized to keep smoke out of these spaces
70
Bomb Incident Response
Bombings continue to be the preferred weapon of **terrorists and a common tool for criminals**
71
Bomb Incident Response
Bomb Advantages
- A large amount of damage; more than from an armed assault
- Anonymity from a remote location at the time of the explosion
- Ability to cause damage with a device placed outside the site
- Ability to cause considerable disruption with little expense
- High media value for publicizing a cause
72
Bomb Incident Response
Bombing Disadvantages
- Bomb maker may be accidentally killed by the bomb
- The bomb may not function as intended
- Risk of detection when placing the bomb
- Risk of device being detected before it detonates, resulting in evacuation and possible disarming
- Forensic evidence from the bomb components
73
Bomb Incident Response
Explosions may be..
Mechanical
## Footnote
Chemical
Nuclear
74
Bomb Incident Response
Low explosives, which are suitable for propelling and pushing
- Propellants (gun powders)
- Pyrotechnic compositions
- Expelling charges for line throwers
- Special effects system
75
Bomb Incident Response
High explosives **detonate**; low explosives **ignite**
76
Bomb Incident Response
Three primary products of an explosion
Blast
## Footnote
Fragmentation
Heat
77
Bomb Incident Response
Protection from a bomb is achieved **through distance and cover**
78
Bomb Incident Response
The use of films and anti-shatter technology should be assessed against
- Possible and probable location of bombs
- The expected size of a bomb on the site
- The assets near the glass
79
Bomb Incident Response
Elements required for a bombing
- Motive (criminal, political, or personal)
- Material (main charge, initiator/detonator, trigger, safety switch)
- Knowledge
- Opportunity
80
Bomb Incident Response
Bomb response is a management-level responsibility, requiring quick decisions with limited information
81
Bomb Incident Response
Management must respond to bomb threats based on...
- Limited information
- Limited time
82
Bomb Incident Response
An effective bomb incident management capability requires **procedures relevant to the organization and based on sound security analysis**
83
Bomb Incident Response: Risk Assessment
In assessing whether a particular facility is at risk to a bombing, the following questions should be considered
- Is the building a likely target?
- Are any tenants in the building a likely target?
- Is the building an obvious easy or soft target?
- Are any nearby buildings a likely target?
84
Bomb Incident Response: Risk Assessment
Bomb Incident Plans
- Should provide information, policies, procedures, and training to limit bomb potential
- Should help the organization respond appropriately bomb threats and incidents
- Should provide specific guidance, policies, and procedures for fire wardens, security supervisors, and relevant managers
- Must be site-specific but also part of an integrated security management process
85
Bomb Incident Response: Risk Assessment
Bomb Incident Plans (ctd...)
- Should address unattended items, bomb threats, bombs, hazardous mail, and post-blast conditions
- Should describe how training will be developed and delivered, in particular, training on the evaluation of bomb threats and unattended items and on search techniques
86
Bomb Incident Plans
Should be based on...
- An understanding of the elements of a bombing: motive, material knowledge and opportunity
- Exposure of the organization to bomb incidents due to its business environment, location, relationships, and staff
- The effectiveness of emergency, health and safety, human resources, and other guns
- Current security measures
- Senior management recognition of the risk of a bomb incident and the need for a plan
87
Bomb Incident Response
All staff who deal with the public should be **taught how to receive and record threats, and to whom they should report the information**
88
Bomb Incident Response
threat evaluation consists of five R's
- Receive
- Record
- Report
- Review
- Respond
89
Bomb Incident Response
The bomb threat review phase
1. Most important and difficult phase
2. threat evaluation is a managerial decision-making process
3. Unlike a fire, a bomb threat is not a self-evident risk; it requires a review of facts to determine credibility
90
Bomb Incident Response
Primary evidence is the actual threat
Accuracy in capturing the wording of the threat is essential; the actual words used must be recorded, including omissions, changes in thought, slang, technical terms, inaccuracies in terminology, or knowledge of the site
91
Bomb Incident Response
The amount of time available for evaluating the threat can be calculated by **subtracting the time required to evacuate the site plus a safety margin form the bomb** **deadline,** **if one is given**
92
Bomb Incident Response
If there is not enough time to evacuate the site and conduct a threat evaluation, **the threat coordinator should make an immediate decision on evacuation**
93
Bomb Incident Response
If the perpetrator does not provide a deadline, **the threat coordinator should evaluate the threat as quickly as possible**
94
Bomb Incident Response
One might think it is preferable to evacuate for all bomb threats, but organizations must be able to continue operating until it is determined **a hazard probably exists and there is a legitimate need for full or part evacuation**
95
Bomb Incident Response
Evacuation plans should include the **closure of processes as well as the emergency transfer of data**
96
Bomb Incident Response: Evaluation
**Evacuation is not always best;** constant evacuation undermines confidence in management's ability to provide a safe, secure, and productive work environment
97
Bomb Incident Response
Constant evacuation may also lead to **copycat incidents as staff seek time off from work or outsiders enjoy the prospect of disrupting activities**
98
Bomb Incident Response
To respond effectively to a threat, the organization must...
- Recognize it has been threatened
- Capture information about the threat and report it to the relevant authority within the organization
- Evaluate the threat
- Respond appropriately
99
Bomb Incident Response
The evaluation is a complex management decision that **requires procedures, planning, training, and rehearsal**
100
Bomb Incident Response
It is important all employees know how to record the wording of any threatening call, and how to forward a threatening email or other messages
101
Bomb Incident Response
A threat can be evaluated for specificity, **which suggests the offender's level of knowledge and commitment**
102
Bomb Incident Response
**A detailed threat demonstrating knowledge of the site** is more credible than a vague threat
103
Bomb Incident Response
Where possible, the evacuation assembly areas should be
- At least 300 meters from the building
- Not in a direct line of sight of the bomb
- Not facing or under windows
- Behind solid cover, such as another building
104
Bomb Incident Response: Searches
**Unless the site has a particular political value or is hosting VIPs,** it is unlikely the police will search
105
Bomb Incident Response: Searches
**Those who work in an area** can best identify what is out of place there
106
Bomb Incident Response: Searches
**Search teams of two people work well,** as each team member can search an area while assisting the other and ensuring all items in the allocated space have been searched
107
Bomb Incident Response: Searches
**Search teams should leave at least one vacant room or area between them** as they search, to provide a degree of safety for teams
108
Bomb Incident Response: Searches
Types of bomb searches
- Occupant search
- Warden search
- Team search
- High-risk search (trained government personnel w/ specialized equipment)
109
Bomb Incident Response: Searches
If an item is found, decisions must be made on whether to
- Continue the search
- Further, investigate the item
- Evacuate the searchers and others
110
Bomb Incident Response: Searches
Decisions about found devices depend on
- Where the item is found
- Why it is considered suspicious
- Whether it matches the item described in the threat
111
Bomb Incident Response: Searches
If a suspected body bomb is identified, usually the best way to minimize consequences is to **immediately begin to move people away and limit the bomber's ability to get closer to the organization's assets**
112
Bomb Incident Response: Searches
Suicide bombers are a **very small percentage** of bombing offenders
113
Bomb Incident Response: Searches
The Five R's of dealing with unattended items
Receive
Record
Report
Review
Respond
114
Bomb Incident Response: Searches
A bomb can only be classified as a hoax by **emergency services personnel or subsequent forensic examination**
115
Bomb Incident Response: Searches
Egress routes and assembly areas **should be searched for unidentified items before or during the evacuation**
116
Bomb Incident Response: Mail
Hazardous mail includes not only bombs but also
- Noxious and poisonous materials
- Acids
- Chemical or biological agents
- Needles and blades (sharps)
117
Bomb Incident Response: Mail
The aim of the security manager should be **to provide a safer and more secure work environment by increasing the ability to detect and respond to hazardous mail**
118
Bomb Incident Response: Mail
The primary protection from hazardous mail items is...
distance
119
Bomb Incident Response: Mail
"EXPLOSIVE PARCEL" method for identifying mail bombs
**E**xcessive securing material
**X**cessive weight
**P**rotruding wires or time foil
**L**opsided or unevenly weighted
**O**ily stains and discoloration
**S**tiff or rigid envelope
**I**s the package expected?
**V**isual distractions
**E**xcessive postage
120
Bomb Incident Response
Explosive Parcel (ctd..)
**P** roper names and titles incorrect
**A** ddress handwritten or poorly typed
**R**estrictive markings
**C**ommon words misspelled
**E**ither unusual or foreign origin
**L** acks address of sender
121
Bomb Incident Response: Mail
Bombs have a number of basic components
- A power source, often a battery, which can give the item an uneven balance
- A firing switch, which may contain wires or foil
- An explosive or incendiary filling, which adds to the weight and may exude oil
122
Terrorism: Genesis
Precipitants: Those who start an outbreak of violence
123
Terrorism: Genesis
Preconditions
The environment that allows precipitants to instigate an action
124
Terrorism: Genesis
Permissive factors of preconditions
Engender a terrorist strategy and make it attractive to political dissidents
125
Terrorism: Genesis
Factors of Preconditions
Urbanization
Transportation System
Communications Media
Weapons availability
Absence of security measure
126
Terrorism: Genesis
Direct situational factors of preconditions
Factors that motivate terrorists
127
Business Continuity Management System (BCMS)
**The need to resume normal operations rapidly** is as great as the need to control potential damage
128
Business Continuity Management System (BCMS)
The BCMS enables an organization to identify, develop, and implement policies, objectives, capabilities, processes, and programs to address disruptive events that might impact the organization and its stakeholders
129
Business Continuity Management System (BCMS)
Components
Definition of roles, responsibilities, resources
130
Business Continuity Management System (BCMS)
Policy
Top management defines the BCM policy in terms of the characteristics of the organization, locations and operating environment, stakeholders, obligations, and assets
131
Business Continuity Management System (BCMS)
The Policy Is...
- Approved by top management
- Communicated to all persons working for or on behalf of the organization deemed within the scope of the BCMS
- Available to stakeholders as approved by management
- Reviewed at defined intervals and when significant changes occur
132
Business Continuity (BC)
BC is a comprehensive managed effort to prioritize key business processes, identify significant threats to the normal operation and plan mitigation strategies to ensure effective and efficient organizational response to the challenges that surface during and after a crisis
133
Business Continuity (BC): Essential resources
Resources essential for the implementation and maintenance of the BCMS and the BC strategies
- Facilities and equipment
- Human resources
- infrastructure
- Other services, technology, information, intelligence, and funds
134
Business Continuity (BCP)
An ongoing process supported by senior management and funded to ensure necessary steps are taken to identify the impact of potential losses, maintain viable recovery strategies and plans, and ensure continuity of operations through personnel training, plan testing, and maintenance
135
Business Continuity Plan (BCP)
People are the most important aspect of any BCP
136
Business Continuity Plan
Business continuity planning is...
Cyclical
137
Business Continuity Planning
BCPs should be scaled around a worst case scenario
138
Business Continuity Planning
The following factors can trigger a review of the BCP
- Risk assessment
- Sector/industry trends
- Regulatory requirement
- Event experience
- Text/exercise results
139
Business Continuity Planning
Vital records may include
- General ledgers, and accounts payable and receivable
- Constitutions and bylaws
- Contracts and customer data
- Engineering and manufacturing process data
- Incorporation certificates, minutes of BoD meetings
- Insurance policies
- Legal documents, leases, licenses
140
Business Continuity Planning
Crisis Management and Response Teams should be trained at least...
Annually
141
Business Continuity Planning: Stages
Readiness is the first step of a business continuity plan, and addresses...
- Assigning accountability for the plan
- Conducting a risk assessment and a business impact analysis
- Agreeing on strategies to meet the needs identified in the risk assessment and business impact analysis
- Forming Crisis Management and other appropriate response teams
142
Business Continuity Planning: Stages
Identification of danger signals, coupled with the likelihood of an event, is often indicative of an imminent crisis, and warning signs may include, but are not limited to
- Unusual or unexplained changes in sales volume
- Legislative changes
- Corporate policy changes
- Changes to the competitive environment
- Changes to supply based environment
- Warnings of natural disasters
- Imminent or actual changes in HSAS threat level
- Cash flow changes
- The potential for civil or political instability
- impending strike or likely protests
- Hostile labor negotiations
143
Business Continuity Planning: Stages
The responsibility to report a potential crisis (including the notification mechanism) should be communicated to
All Employees
144
Business Continuity Planning: Stages
What is one of the most important ingredients in crisis management, and preplanning for communications is critical?
Effective Communications
145
Business Continuity Planning: Stages
Personnel used for crisis management should be assigned to perform these roles **as part of their normal duties, not voluntary**
146
Business Continuity Planning: Prevention
Prevention is the second step of a BCP that addresses...
- Compliance with corporate policy
- Mitigation strategies
- Avoidance, deterrence and detection
147
Business Continuity Planning: Stages
**Response** is the third step of a BCP that addresses...
- Potential crisis recognition
- Notification of the team
- Assessment of the situation
- Declaration of a crisis
- Execution of the plan
- Communications
- Resource management
148
Business Continuity Planning: Stages
The first element in a response program is...
to determine if a potential crisis exists
149
Business Continuity Planning: Stages
**Determining the initial level of the crisis, and the progression from one level to the** **next,** will normally be the responsibility of the Crisis Management Team
150
Business Continuity Planning: Stages
Individuals should be recruited for membership on Response Teams based on **their skills, level of commitment, and vested interest**
151
Business Continuity Planning: Stages
When initiating a response, it is important to ensure the goals protect the following interests, in order of their priority
1. Save lives and reduce chances of further injuries/deaths
2. Protect assets
3. Restore critical business processes and systems
4. Reduce the length of the interruption of business
5. Protect reputation damage
6. Control media coverage (e.g. local, regional, national or global)
7. Maintain customer relations
152
Business Continuity Planning: Stages
Problem assessment and severity assessment should be made at the outset of a crisis. Factors to be considered are
- Size of the problem
- Potential for escalation
- Possible impact of the situation
153
Business Continuity Planning: Stages
Immediate intervention is taken to minimize further losses and to begin recovery, including activities and programs to restore critical business functions and return to an acceptable condition
Recovery
154
Business Continuity Planning: Stages
What may be performed by the CMT itself or a designated Damage Assessment Team
Damage Assessment
155
Business Continuity Planning: Stages
Maximum acceptable outage time and recovery time objectives should be based on...
- How long processes can be nonfunctional before impacts become unacceptable
- How soon processes should be restored (shortest allowable outage restored first)
- Different recovery time objectives according to time of year
- Identifying and documenting alternate procedures for strategic alliance, mutual aid, manual workaround
- Evaluation of costs of alternate procedures vs. waiting for system to be restored
156
Business Continuity Planning
A management level financial analysis that identifies the impacts of losing an organization's resources. The analysis measures the effect of resource loss and escalating losses over time in order to provide reliable data upon which to base decisions on mitigation, recovery, and business continuity strategies
157
Business Continuity Planning
ASIS BC Guideline
Largely intended for the private sector organizations that own and operate the national critical infrastructure
158
Business Continuity Planning
ASIS BC Guideline
Has applicability in both the private and public sector environments
159
Business Continuity Planning
ASIS BC Guideline
Appropriate for mid- to large-sized organizations, but can be adapted to smaller ones
160
Organizational Resilience (OR)
The adaptive capacity of an organization in a complex and changing environment
Organizational Resilience
161
Organizational Resilience (OR)
Strategic programs supportive of an OR Management System
- Prevention and deterrence (of disruptive incidents)
- Mitigation
- Emergency response
- Continuity
- Recovery
162
Organizational Resilience (OR)
Three generic and interrelated management response steps that require preemptive planning and implementation in case of a disruptive incident
- Emergency response
- Continuity
- Recovery
163
Organizational Resilience (OR)
An OR management policy should reflect the commitment of top management to...
- Comply with applicable legal requirements and other requirements
- Prevention, preparedness, and mitigation of disruptive incidents
- Continual improvement
164
Organizational Resilience (OR)
The OR management policy should be communicated to all persons who work for (or on behalf of) the organization, including contractors working at an organization's facility
165
Organizational Resilience (OR)
When assessing impacts, consider...
- Human cost
- Financial cost
- Corporate image cost
- Economic losses to community
- Environmental impacts
166
Event Security
The event security environment is particularly sensitive to the need to meet an acceptable standard of care
167
Event Security
Primary Duties include...
- Provide safety and security for everyone present
- Safeguarding of property is secondary
- Overall, the security team's responsibility is to reduce risk
168
Event Security
Four options for securing an event with little experience in event protection
- Do the best one can with current security capabilities
- Provide personnel with detailed training in special event security issues
- Hire a special event security provider
- Accept the risk and provide no security for the event
169
Event Security
Special events require security professionals to develop security plans featuring
- Preventive and reactive measures
- Good implementation of the plans
- Effective management of security staff
170
Event Security
Factors directly affecting the design and implementation of the security plan
- Time sensitivity
- Organizational structure
- Volunteers
- Location
- Crowds, participants and attendees
- Type of event
- Communication
- Weather
- Budget
